ITTech Pulse Exclusive Interview with Rosalyn Curato, Chief Innovation Officer and GM of Agentic Security at Vouched

Rosalyn Curato, Chief Innovation Officer and GM of Agentic Security at Vouched, discusses how organizations can prepare for the future of AI by building trusted identity infrastructure for autonomous agents.

Rosalyn, your career spans digital identity, innovation, and emerging technologies. Could you briefly share how your professional journey evolved toward identity verification and trust frameworks, and what inspired your focus on securing the AI ecosystem?

I spent my whole life thinking that I would grow up and become a doctor and when I completed my first internship at JPMorgan, I knew that I wanted to enter the business world. But I still wanted to retain a sense of contributing to the world in a way that makes people’s lives easier somehow. So, the first half of my career was about building a solid foundational skill set that would allow me to take my generalist capabilities to do anything I wanted. I then made the move into education to help school systems budget in an easier and transparent way, followed by making it easier for businesses to invoice and collect payments from their customers, and now identity verification for agents. The common theme across these areas is that by working on a part of the problem, I can set up school leaders and business leaders to do what they do best. Educate students, run a business and pay their staff on time, and provide a good or service…they get to do their best work because they don’t have to worry about this one cog in their operational process. That is incredibly exciting to me.

Read More: ITTech Pulse Exclusive Interview with Michael Campell, Chief Product Officer, Hyland

As AI agents increasingly perform tasks for individuals and enterprises, identity and trust become critical. From your perspective, what are the most significant security and governance challenges organizations face when managing identities for autonomous AI systems?

Right now I see two major risks:

1. AI adoption is evolving so rapidly that the pace of innovation is far greater than the pace of infrastructure development. This creates inherent vulnerability in the ecosystem where there is real risk. We’re seeing that in headlines almost daily and we’re also seeing that in how companies are forecasting for higher chargeback and fraud this year and next – the risk is expected and the right mitigants are not yet in place
2. There is another set of consumers that I am equally worried about: the organizations in a wait-and-see mode who have yet to define agentic security policies or allow their employees to experiment with AI. While it protects an organization from short-term risk, it leaves them vulnerable to longer term risk. The bad guys are using AI and finding more creative ways to come after the good guys, so we all need to sharpen our defenses. Ignoring the problem is just setting you up for failure in the long run.

ITTech Pulse recently covered Vouched’s donation of the MCP-I identity framework to the Decentralized Identity Foundation. What inspired this initiative, and how can open identity standards strengthen trust and collaboration across emerging AI ecosystems?

At Vouched we’re a huge advocate for open standards. MCP-I, now rebranded to KYA-OS (Know Your Agent Operating System), was borne out of a desire to make it clear that the framework needed to authenticate AI agents is very different from human authentication methods. We chose DIF for this donation because of our shared belief in open standards and because we have been genuinely impressed with the level of expertise and thoughtfulness in our interactions with fellow DIF members. While there are a few similar projects available in the space now, our hope is that all of us can align on one common framework that will benefit all organizations who desire to use AI.

Traditional identity systems were built for human users, yet AI agents are beginning to perform transactions and enterprise tasks. How should identity infrastructure evolve to verify, authorize, and monitor AI agents operating across digital platforms?

Agents and humans operate in very different ways. Rather than retrofit existing identity infrastructure to grok a solution for agents, we should build the right systems that will optimize revenue and impact while minimizing risk. Lots of folks are thinking through this problem now. At Vouched, we believe that the core operating principles involve binding the agent to the human (autonomous actors don’t have to be anonymous actors) and understanding what permissions the agent has been delegated. Answering these two questions enables the trust needed to transact successfully on both sides.

Many organizations are exploring agentic AI but face concerns around governance and security. What practical steps should enterprises take today to ensure their infrastructure and policies are ready for secure deployment of AI-driven agents?

A.) Strive for alignment between your revenue and risk leaders in your organization. Both are critical stakeholders when it comes to AI adoption. This is no longer about containing risk; we’re also marketing to a brand-new consumer type.

B.) Don’t feel like you have to figure it all out in one master plan. Isolate one department, team, or process flow and start there. If you take one step at a time, you’ll accomplish so much in just one quarter.

C.) Stay informed. There is an overwhelming amount of information out there on advancements being made in AI on a daily basis. You don’t have to read it all but we each need to ensure that part of our workday involves reading and staying apprised on these developments. Start with a couple of trusted resources and build from there.

D.) Remember that you’ve got this! AI is causing a lot of leaders to question their qualifications. I like to remind people that at one point in your career, you didn’t know how to code, how to use PowerPoint or create a spreadsheet, or how to manage a team. You eventually figured it out and then mastered it, so you’ll do great at this too!

Read More: ITTech Pulse Exclusive Interview with Michael Jacobs, Head of Social Innovation at IBM

Vouched has recently introduced initiatives focused on identity verification and the emerging “Know Your Agent” ecosystem. How do these innovations align with your broader vision for building trust, accountability, and security in AI-powered digital environments?

One of the most exciting parts of my role is building our agentic partner ecosystem. We speak with a lot of interesting organizations, but we carefully select the ones we bring into the fold. The heart of what we’re doing is building the trust layer for AI and so each initiative we launch and partner we bring on is designed to help us bring this to life even faster. Identiclaw was a fun project created to bring security and identity to very powerful technology. Our partnership with WINK brings home the concept of binding humans to agents in a very concrete way. All of this takes the abstract notion of identity and gives each operator the tools to implement agentic trust successfully. 

Looking ahead, what major developments do you anticipate shaping identity verification, decentralized trust models, and AI security during 2026, and how should enterprises prepare for these changes as AI adoption accelerates globally?

AI security is a very popular space now. We are seeing a lot of contributions to frameworks and technology to fill this gap. As an enterprise, the best thing you can do is continue to keep yourself informed – read, talk to peers and experts – and when the time is right, you’ll know what plan to develop for your organization. Whatever that plan may be, it’s important to build with flexibility in mind to account for the unknown. That’s what makes this a fun journey for us all to be on!

Thank you Rosalyn, for taking the time to share your insights with us.

Write to us [⁠wasim.a@demandmediaagency.com] to learn more about our exclusive editorial packages and programmes.